Infrastructure as Code, 3rd Edition

Book description

The past decade has seen cloud and infrastructure as code move out of shadow IT and startups and into the mainstream. Many organizations rushed to adopt new technologies as part of their transformation into digital businesses, creating a sprawl of unmaintainable infrastructure codebases. Now, there is a need to consolidate cloud-based systems into mature foundations for sustainable growth.

With this book, Kief Morris describes patterns and practices for building and evolving infrastructure as code. The third edition provides a broader context for infrastructure, explaining how to design and implement infrastructure to better support the strategic goals and challenges of an organization, such as supporting growth while better managing costs.

This book covers:

  • Foundational concepts, including an exploration of declarative and procedural infrastructure languages, where infrastructure code fits into a comprehensive platform strategy and enterprise architecture, and how to test and deliver infrastructure code.
  • Infrastructure architecture, drawing on lessons learned from software design and engineering to build infrastructure codebases that can be evolved and scaled to enable growth and adapt to changing needs.
  • Patterns for building infrastructure to support platform services across the complicated, varied landscapes of real-world IT systems, from physical hardware to virtual servers to cloud-native clusters and serverless workloads.
  • Workflows and operating models that combine automation and cloud with forward-thinking approaches like Agile and DevOps for rigorous governance of compliance, cost, security, and operational quality.

Table of contents

  1. Brief Table of Contents (Not Yet Final)
  2. I. Foundations
  3. 1. What Is Infrastructure as Code?
    1. Infrastructure as Code
    2. From the Iron Age to the Cloud Age
      1. Cloud Age Approaches To Change Management
      2. The Path To The Cloud Age
    3. Strategic Goals and Infrastructure as Code
    4. System Architecture Goals and Infrastructure as Code
    5. Use Infrastructure as Code to Optimize for Change
      1. Myth: Infrastructure Doesn’t Change Very Often
      2. Myth: We Can Build the Infrastructure First and Automate It Later
      3. Myth: Speed And Quality Must Be Traded Off Against Each Other
    6. The Four Key Metrics
    7. Core Practices for Infrastructure as Code
      1. Core Practice: Define Everything as Code
      2. Core Practice: Continuously Test and Deliver All Work in Progress
      3. Core Practice: Build Small, Simple Pieces That Can Change Independently
    8. Conclusion
  4. 2. Principles of Cloud Infrastructure
    1. Principle: Assume Systems Are Unreliable
    2. Principle: Make Everything Reproducible
    3. Pitfall: Snowflake Systems
    4. Principle: Create Disposable Things
    5. Principle: Minimize Variation
      1. Configuration Drift
    6. Principle: Ensure That Any Procedure Can Be Repeated
    7. Principle: Apply Software Design Principles to Infrastructure Code
    8. Conclusion
  5. 3. Infrastructure Platforms
    1. Infrastructure Platforms
      1. Infrastructure Resources
      2. IaaS in the Data Center
      3. Multicloud
    2. Engineering Platforms
      1. Platform Services
      2. Providing Platform Service Functionality
    3. Platform Delivery Services
      1. Application Delivery Services
      2. Infrastructure Delivery Services
      3. Platform Management Services
    4. Conclusion
  6. 4. Infrastructure as Code Tools and Languages
    1. Coding Infrastructure
      1. Moving Beyond Task-Based Scripting
      2. What You Can Define as Code
      3. Code or Configuration?
      4. Configuration as Code
      5. Manage Your Code in a Source Code Repository
    2. Infrastructure Code Processing Lifecycle
      1. When Code Executes
      2. Infrastructure Code Lifecycle
      3. Splitting the Lifecycle
      4. Generating Intermediate Code
      5. Previewing Changes
      6. Tracing Infrastructure Code Execution
      7. Infrastructure State
    3. Infrastructure as Code Tools
    4. Types of Languages for Coding Infrastructure
      1. Procedural and Idempotent Code
      2. Imperative and Declarative Languages and Tools
      3. Domain-Specific and General-Purpose Languages
      4. Low-Level and High-Level Languages
      5. Infrastructure From Code
    5. Conclusion
  7. II. Design
  8. 5. Design Principles For Infrastructure as Code
    1. Design Considerations For Infrastructure As Code
      1. CUPID Properties for Design
      2. Cohesion and Coupling
      3. Providers, Consumers, and Interfaces
      4. Managing Interfaces Between Components
      5. Using Interfaces for Composability
    2. Design Across Infrastructure Code Lifecycle Stages
    3. Design Forces
      1. Design Forces for Source Code
      2. Design Forces for Infrastructure Packaging and Deployment
      3. Design Forces for Runtime
      4. Design Forces Across Lifecycle Stages
    4. Conclusion
  9. 6. Infrastructure Components
    1. The Infrastructure Components
      1. Starting Infrastructure Design With Workloads
      2. Infrastructure Compositions
      3. Infrastructure Deployment Stacks
      4. Infrastructure Code Libraries
      5. Libraries as Deployable Stacks
    2. Sharing and Reusing Infrastructure Code
      1. Sharing Infrastructure Code Components
      2. Sharing Stack Code Across Multiple Instances
      3. Sharing Stack Instances Across Workloads
    3. Application-Driven Infrastructure Design
      1. Horizontal Design
      2. Vertical Design
      3. Including Shared Infrastructure with Vertical Design
      4. Reference Application-Driven Infrastructure Design
    4. Design Workflow
      1. Start Simple
    5. Conclusion
  10. 7. Designing Deployable Infrastructure Stacks
    1. Patterns for Sizing and Structuring Stacks
      1. Pattern: Full System Stack
      2. Antipattern: Monolithic Stack
      3. Pattern: Application Group Stack
      4. Pattern: Single Service Stack
      5. Pattern: Micro Stacks
      6. Pattern: Shared Stack
    2. Stack Patterns for Multiple Instances of Infrastructure
      1. Antipattern: Multiple-Environment Stack
      2. Antipattern: Snowflakes As Code
      3. Pattern: Reusable Stack
    3. Conclusion
  11. 8. Configuring Infrastructure Stack Instances
    1. Key Concepts
      1. Using Stack Parameters to Create Unique Identifiers
      2. Keep Parameters Simple
    2. Example Stack
    3. Patterns for Configuring Stacks
      1. Antipattern: Configuration in Code
      2. Antipattern: Manual Stack Parameters
      3. Pattern: Stack Environment Variables
      4. Pattern: Scripted Parameters
      5. Pattern: Stack Configuration Files
      6. Pattern: Deployment Wrapper Stack
      7. Pattern: Pipeline Stack Parameters
      8. Pattern: Stack Parameter Registry
    4. Implementing a Configuration Registry
      1. Integrated Infrastructure Automation Tool Registries
      2. Standalone Packaged Configuration Registries
      3. IaaS Platform Registry Services
      4. Build Your Own Configuration Registry
      5. Single or Multiple Configuration Registries
    5. Handling Secrets
      1. Generating Secrets
      2. Storing Secrets in Encrypted Files
      3. Using a Secret Storage Service
      4. Injecting Secrets at Runtime
    6. Conclusion
  12. 9. Integrating Infrastructure Stacks
    1. Example Infrastructure Deployment Stacks
    2. Resource Discovery Patterns
      1. Pattern: Resource Matching
      2. Pattern: Stack State Lookup
      3. Pattern: Integration Registry Lookup
    3. Implementing Resource Discovery
      1. Implementing Discovery In Stack Code
      2. Dependency Injection
      3. Managing Dependencies In a Deployment Script
      4. Wiring Stacks Together With a Composition
    4. Conclusion
  13. 10. Designing Infrastructure Code Libraries
    1. Pattern: Facade Module
      1. Also Known As
      2. Motivation
      3. Applicability
      4. Consequences
      5. Implementation
      6. Related patterns
    2. Antipattern: Obfuscation Module
      1. Motivation
      2. Applicability
      3. Consequences
      4. Implementation
      5. Related patterns
    3. Antipattern: Unshared Module
      1. Motivation
      2. Applicability
      3. Consequences
      4. Implementation
    4. Pattern: Bundle Module
      1. Motivation
      2. Applicability
      3. Consequences
      4. Implementation
      5. Related patterns
    5. Antipattern: Spaghetti Module
      1. Motivation
      2. Consequences
      3. Implementation
      4. Related patterns
    6. Pattern: Infrastructure Domain Entity
      1. Motivation
      2. Applicability
      3. Implementation
      4. Related patterns
    7. Pattern: Stack Module
      1. Also Known As
      2. Motivation and Applicability
      3. Implementation
    8. Antipattern: Modular Monolith
      1. Motivation
      2. Consequences
      3. Implementation
      4. Related patterns
    9. Conclusion
  14. 11. Building Servers as Code
    1. Defining Servers
      1. What’s on a Server
      2. Where Things Come From
      3. Server Configuration Code
      4. Server Roles
    2. Creating and Provisioning a New Server Instance
      1. Creating a Server Using Network Provisioning
      2. Creating an IaaS Server By Hand
      3. Creating a Server as Part of a Stack
      4. Event-based Server Creation
    3. Configuring a New Server Instance
      1. Baking Images and Frying Instances
      2. Pull Configuration With Initialization Scripts
      3. Push Configuration With External Commands
    4. Updating and Changing Servers
      1. Push On Change
      2. Continuous Configuration Synchronization
      3. Changing Servers By Replacement
      4. Immutable Server
    5. Building Server Images
      1. Hot-Cloning an Existing Server
      2. Booting an OS Installer
      3. Modifying a Stock Image
      4. Orchestrating Image Building
    6. Conclusion
  15. 12. Designing Environments
    1. Multi-Environment Architectures
    2. Multiple Delivery Environments
    3. Splitting Environments For Alignment
      1. Aligning Environments To System Architecture
      2. Aligning Environments To Organizational Structure
      3. Aligning Environments To Governance Concerns
    4. Multiple Environment Replicas
      1. Designing Environments For Operability Scenarios
      2. Distributing Environments Geographically
      3. Replicating Environments for User Bases
    5. Environment implementation layers
      1. Design forces for choosing the environment implementation layer
      2. Testing and delivering changes to environment infrastructure
    6. IaaS Resource Groups and Environments
    7. Building Environments with Multiple Stacks
    8. Conclusion
  16. 13. Providing Application Runtime Infrastructure
    1. Application-Driven Infrastructure Design
    2. Application Runtime Platforms
      1. Servers as Code
      2. Server Clusters as Code
      3. Application Clusters as Code
      4. Serverless Application Infrastructure
    3. Cluster Topologies
      1. Multiple Environments in One Cluster
      2. One Cluster Per Environment
      3. Multiple Clusters Per Environment
      4. Cross-Environment Clusters
    4. Conclusion
  17. III. Delivery
  18. 14. Infrastructure Delivery Lifecycle
    1. Principles and Practices for Delivering Infrastructure Code
      1. Automate the full process
      2. Keep environments consistent
      3. Make delivery cycles short
      4. Deliver changes comprehensively
      5. Only make changes using the automated process
      6. Keep all code production ready
      7. Ensure code and deployed resources are consistent
      8. Minimize disruption when deploying changes
    2. Infrastructure Delivery Workflows
      1. Delivery Workflow Phases
      2. Workflow Phases and Infrastructure Code Context
      3. Workflow Activities
    3. Conclusion
  19. 15. Approaches for Testing Infrastructure Code
    1. Why Continuously Test Infrastructure Code?
      1. What Continuous Testing Means
      2. Immediate Testing and Eventual Testing
    2. What Should We Test with Infrastructure?
    3. Challenges With Testing Infrastructure Code
      1. Challenge: Tests for Declarative Code Often Have Low Value
      2. Challenge: Unit testing code generation
      3. Challenge: Testing Infrastructure Code Is Slow
      4. Challenge: Dependencies Complicate Testing Infrastructure
    4. Progressive Testing
      1. Test Pyramid
      2. Swiss Cheese Testing Model
    5. Testing in Production
      1. What You Can’t Replicate Outside Production
      2. Managing the Risks of Testing in Production
    6. Conclusion
  20. 16. Infrastructure Delivery Pipelines
    1. Infrastructure Delivery Pipelines
      1. Development Rhythm with a Pipeline
      2. Immutable Code Builds
      3. Fan-in Pipeline for Integrated Delivery
      4. Federated Pipelines for Decoupled Delivery
      5. Library Component Pipelines
      6. Server Image Pipelines
      7. Server Infrastructure Code Module Pipelines
      8. Versioning and Promoting Server Code
      9. Combined Software and Infrastructure Pipelines
    2. Infrastructure Pipeline Stages
      1. Pipeline Stage Content
      2. Pipeline Stage Workflow
      3. Pipeline Stage Context
    3. Delivery Pipeline Software and Services
    4. Orchestration Scripts
    5. Conclusion
  21. 17. Developing and Building Infrastructure Code
    1. Working on Code Locally
      1. Local IaaS Emulators
      2. Personal IaaS Environments
      3. Just Enough Environment
    2. Building Infrastructure Code
      1. Building vs. Deploying
      2. Locking dependency versions
    3. Distributing Infrastructure Code
      1. Source Code Repository Distribution
      2. Distributing Infrastructure Code as an Artifact
      3. Delivery with Wrapper Stacks
    4. Organizing a Codebase
      1. Projects and Repositories
    5. Branching Strategies
      1. Organizing Different Types of Code
    6. Conclusion
  22. 18. Testing Infrastructure in Pipelines
    1. Offline Testing Stages for Stacks
      1. Syntax Checking
      2. Offline Static Code Analysis
      3. Connected Static Code Analysis
      4. Supply chain checks
      5. Local Infrastructure Emulators
    2. Using Test Fixtures to Handle Dependencies
      1. Test Fixtures to Replace Providers
      2. Test Fixtures to Replace Consumers
      3. Refactor Components So They Can Be Isolated
    3. Online Testing Stages for Stacks
      1. Preview: Seeing What Changes Will Be Made
      2. Verification: Making Assertions About Infrastructure Resources
      3. Outcomes: Proving Infrastructure Works Correctly
    4. Test Instance Lifecycles
      1. Pattern: Persistent Test Stack
      2. Pattern: Ephemeral Test Stack
      3. Antipattern: Dual Persistent and Ephemeral Stack Stages
      4. Pattern: Periodic Stack Rebuild
      5. Pattern: Continuous Stack Reset
    5. Test Orchestration
      1. Test Orchestration Tools
      2. Support Local Testing
      3. Avoid Tight Coupling with Pipeline Tools
    6. Conclusion
  23. About the Author

Product information

  • Title: Infrastructure as Code, 3rd Edition
  • Author(s): Kief Morris
  • Release date: March 2025
  • Publisher(s): O'Reilly Media, Inc.
  • ISBN: 9781098150358